I am a regular reader of the Computer Privacy Digest; I also happen to be interested in biometrics and digital signatures. I would welcome the following article being published in the Computer Privacy Digest after 27 April. This will ensure a same-week publication date as the Information Systems Audit and Control Association's Journal, to whom I have promised a slight scoop. I would ask you to respect my wishes in this regard. The reason I am posting it to you now is that I will be in Oceania and India during this period and access to the net is very limited.

A little about myself: I had my credit cards and identity stolen and fraudulently used in the UK in the eighties. I developed Veincheck in my garage as a means of tying the individual to their cards and possessions. Vein biometric technology is beginning to blossom; the Biowatch is the final piece of my biometric vision.

A third way for biometric technology.

Biometric Futures

Biometric developers see, through the introduction of biometric technologies, the establishment of a safer, more secure world, a world largely free of fraud and robbery, where smart machines and services work only for legitimate users and owners. A biometric nirvana where people bask in the warm paternal glow of large-scale biometric and video surveillance systems protecting their homes, transactions, streets and borders.

Privacy groups predict an alternative future. They see a world where our consumer and lifestyle profiles are constantly monitored, updated and refined; a world where every individual is stalked by AI-equipped, computer-driven marketing programs; a world where surveillance and biometric systems monitor all our social interactions, reporting on who we meet, what we buy, what we do and where we go; a world where surveillance and biometrics constrain our individuality, our hopes, dreams, rage, anger, freedom and humanity.

Biometric Vulnerabilities

Biometric companies are seeking to sell security systems predicated upon characteristics that are recorded in every photograph taken or left on every item touched! We are the biometric keys!

How reliable, how secure are these keys? Can they be mimicked, masked or modified?

Open View Biometrics

Many biometric systems use "open view" traits: traits that can be recorded by cameras or sound recording equipment, or left on items we touch. Any other security system that lets the keys walk around freely, travel off site unsupervised, and go home in the evenings and at weekends would be considered highly insecure! Yet because biometrics is high tech, it is treated as the last word in security. Biometric systems have yet to be subjected to serious organised criminal attack. Once they are widely deployed this situation will change markedly. Attacks on biometric systems via the mimicking of users' biometric traits should be anticipated. Are biometric systems robust enough to counter these challenges?

Attacking Biometric Systems

In May 1998 Network Computing reviewed six biometric fingerprint devices; only two could identify fake fingerprints. Attacks where an individual incrementally mars access to their biometric trait may train the biometric system to accept increasingly non-discriminatory information. The converse is also true: the incremental addition of information may swamp the true underlying biometric information and train the system to follow a false trail.
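The two training drifts described in this paragraph, as an added worked example that is not part of the original article: a matcher that refreshes its working template from every accepted presentation can be walked, in small increments, away from the enrolled profile until it follows the false trail, accepting a quite different profile and rejecting the owner. Bounding how far the working template may move from the enrolment record, and counting refused updates as a monitoring signal, stops the drift. The profiles, the distance metric, the update rule, the threshold and all names here are constructed for the illustration.

```python
def profile_distance(a, b) -> float:
    # Constructed metric: mean absolute difference between two profiles.
    return sum(abs(x - y) for x, y in zip(a, b)) / len(a)

class AdaptiveMatcher:
    """Verifier whose working template is refreshed from accepted presentations."""

    def __init__(self, enrollment, threshold=4.0, alpha=0.2, max_drift=None):
        self.enrolled = list(enrollment)  # record kept from enrolment, never updated
        self.template = list(enrollment)  # working template that adapts
        self.threshold = threshold        # accept when distance <= threshold
        self.alpha = alpha                # weight of the new presentation in an update
        self.max_drift = max_drift        # None: unbounded (naive); else cap vs. enrolment
        self.drift_refusals = 0           # refused updates: the signal to monitor and alert on

    def matches(self, sample) -> bool:
        return profile_distance(sample, self.template) <= self.threshold

    def present(self, sample) -> bool:
        if not self.matches(sample):
            return False
        candidate = [(1 - self.alpha) * t + self.alpha * s for t, s in zip(self.template, sample)]
        if self.max_drift is not None and profile_distance(candidate, self.enrolled) > self.max_drift:
            # The presentation matches, but the template may not walk away from enrolment.
            self.drift_refusals += 1
            return True
        self.template = candidate
        return True

def drift_sequence(start, target, steps):
    # Presentations that move from `start` to `target` in small, equal increments.
    return [[a + (b - a) * (i + 1) / steps for a, b in zip(start, target)] for i in range(steps)]

def simulate(steps=60):
    owner = [50.0] * 8       # constructed enrolment profile
    other = [80.0] * 8       # a profile far outside the acceptance threshold
    naive = AdaptiveMatcher(owner)
    bounded = AdaptiveMatcher(owner, max_drift=3.0)
    for sample in drift_sequence(owner, other, steps):
        naive.present(sample)
        bounded.present(sample)
    return {
        "naive_accepts_other": naive.matches(other),
        "naive_accepts_owner": naive.matches(owner),
        "bounded_accepts_other": bounded.matches(other),
        "bounded_accepts_owner": bounded.matches(owner),
        "bounded_refusals": bounded.drift_refusals,
    }

if __name__ == "__main__":
    print(simulate())
```

With the unbounded matcher every step stays within the acceptance threshold, so the working template trails the presentations all the way to the other profile and the owner is locked out; the bounded matcher stops updating after a handful of steps, keeps accepting the owner, and its refusal counter is the event an operator should be alerted on.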

Multiple Identities

Multiple identities should be anticipated if subjects can re-enrol after adding or subtracting information to their biometric traits. Replay attacks can also be expected if criminals can access the biometric transducer or comparator. Systems management security issues should also be considered: a good biometric implementation can be compromised by ill-informed manipulation of the biometric system's thresholds or by lax database management by the systems administrator.

Security is built on three elements: something one knows (a PIN or password), something one has (a key, card or token) and something one is (one's face, fingerprint, eye, voice or vein pattern). There is no perfect security; biometric technologies will help but are best implemented in combination with the other elements of the security trinity.

Privacy Issues

Privacy issues are coming to the fore in Europe and N. America. The European Union has mandatory comprehensive privacy legislation, enacted by all fifteen EU member states and policed by an independent data protection authority. Canada is also reviewing its privacy legislation. In the United States, public concerns regarding privacy have halted the Georgia fingerprint initiative, forced a number of US states to recall digital driver's license photos they had sold, and impacted the launch of Intel's Pentium III processor.

Market Testing

Banks and other institutions are evaluating and piloting biometric systems for staff and public use. Focus group testing of customers' reactions to biometric systems is being undertaken in Europe and N. America. Some customers express concerns regarding the introduction of biometric systems, others decline to take part, and most welcome them as beneficial security additions. The astute are beginning to ask: what if their biometric trait is lost or stolen?

Identity Theft

When a biometric trait is lost or compromised, who is to blame? Is it the user, for not taking care of a characteristic that is on open public view, or is it the biometric system operator's fault for not installing or running a secure system? These questions will no doubt keep lawyers busy in the very near future.

How do you compensate someone who has had their biometric trait "stolen" or compromised? The trait cannot be rehabilitated; it is lost forever, and its loss will stay with them for their lifetime.

A third way for Biometrics:

A Blueprint for an autonomous, private biometric future

Second generation biometric systems, which address these security and privacy concerns, are under consideration or being developed. Self-authenticating, biometrically actuated smartcards, which the user carries in a purse or wallet or wears on the wrist, are coming to the fore.

The Biowatch, a biometric smartcard housed within a wristwatch, is one contender. It employs an opto-electronic bracelet to obtain the wrist's subcutaneous infrared absorption profile, comparing this profile with a previously recorded template to identify its user. Watch-embedded smartcards are currently in use in Europe and Australia. The Biowatch combines biometrics and smartcard functionality to provide a wrist-worn biometric agent. It communicates with peripheral devices via standard IrDA or RF communications protocols, responding to challenging systems with an encrypted, digitally signed authentication signature using standard public key cryptography.

A Biometric Agent.

The use of public key cryptography ensures that the biometric template is secret and held within the watch; only an authorisation code is transmitted, encrypted by the user's private key. No big brother, no large databases, no large-scale enrolment problems. The individual keeps their biometric identity private.

The Biowatch, in conjunction with secure internet communications, will allow users to download the key generation software and register their public keys with a certification authority of their choice.

They can choose a UK or US certification authority with key escrow or key recovery agreements with GCHQ or the NSA, or they may choose to use, say, an Icelandic certification authority which guarantees absolute privacy.

For those seeking privacy, only their public keys need to be published, with no address or identifying details. If these keys have a good commercial record, pay their debts and have a sound financial history, then companies and individuals will do business with them. If people are wary, they can take out an insurance policy with the certification authority: the certification authority will know who they are but guarantee privacy and secrecy.

A number of public keys can be registered for different commercial activities. What we are seeing is the globalisation of digital commerce; consumer choice is king. User certification will be simple and accessed via WebTV, NCs (network computers) and PCs. Users will be encouraged to register additional certificates (access and authentication rights) for commercial transactions, tax returns and census reports, shopping, vehicles, computers, domestic security systems, transportation payment systems, firearms, phones and PDAs.

Business Applications

Businesses can reserve a tranche of keys and distribute them to their staff for intranet and internet transactions and communications. In future all internal and external digital correspondence, including letters, memos, spreadsheets, orders, invoices, bills and payments, can be digitally signed, validating the digital document's integrity, authorship and origins.

Opportunity

The human wrist, unlike a purse or wallet, is a limited area of real estate. The first to get a biometrically actuated smartcard there will stay and benefit from that user's patronage for their lifetime. The world is rapidly transforming into a global digital economy. The post-millennium business battles will not be over what operating system or what network feeds into your domestic computer, or what biometric API is applied to ATMs and computer systems; these are merely side-shows. The major battle, the major prize, is whose biometric smartcard, with what software, the world will wear on its wrist.

Technical

The Biowatch integrates the three elements of security to provide a comprehensive security solution. It only needs to undertake a biometric verification once per day, upon being strapped to its owner. Thereafter, whilst strapped to the owner's wrist, it will maintain itself in a biometrically armed state. In addition it will generate and store within a cache a series of authentication codes encrypted by the user's/Biowatch's private key. Thus there will be no FRRs (false rejections) or waiting for the Biowatch to encrypt a new authentication code. Authentication of the user to myriad personal, public, secured financial and access services will be fast and transparent. For high security applications a full challenge-response protocol can be applied.
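The agent described under "A Biometric Agent" and the operating cycle described in this paragraph, as an added worked example that is not part of the original article and not the Biowatch product's own code: a wearer-side device verifies the wrist profile once when strapped on, stays armed for a set lifetime, answers a verifier's fresh nonce with a signature, and pre-signs a cache of time-limited authentication codes; the verifier holds only the public key, accepts each nonce once, and enforces expiry and one-time use on the cached codes, which is what keeps the replay attacks mentioned earlier from succeeding. The wrist profiles, the matching metric and threshold, the message formats, the class and function names, and the toy RSA keypair built from two Mersenne primes are all constructed assumptions for the illustration; a real device would use a vetted signature scheme from a cryptographic library.

```python
import hashlib
import secrets

# Toy RSA keypair from two Mersenne primes (constructed so the example runs on the
# standard library alone; a real device would use RSA-PSS or ECDSA from a vetted library).
_P, _Q = (1 << 61) - 1, (1 << 89) - 1
TOY_PUB = (_P * _Q, 65537)
TOY_PRIV = (_P * _Q, pow(65537, -1, (_P - 1) * (_Q - 1)))

def _msg_int(data: bytes) -> int:  # 128-bit representative, below the ~150-bit modulus
    return int.from_bytes(hashlib.sha256(data).digest()[:16], "big")

def sign(priv, data: bytes) -> int:
    return pow(_msg_int(data), priv[1], priv[0])

def verify(pub, data: bytes, sig: int) -> bool:
    return pow(sig, pub[1], pub[0]) == _msg_int(data)

def profile_distance(a, b) -> float:  # constructed metric: mean absolute difference
    return sum(abs(x - y) for x, y in zip(a, b)) / len(a)

def token_body(expiry: int, serial: bytes) -> bytes:
    return b"token:" + expiry.to_bytes(8, "big") + serial

class Biowatch:
    # Wearer side: keeps the wrist template and private key; only signatures leave.
    MATCH_THRESHOLD = 4.0

    def __init__(self, template, arm_lifetime):
        self._template = list(template)   # never transmitted
        self._priv = TOY_PRIV             # never transmitted
        self.pub = TOY_PUB                # registered with the CA of the user's choice
        self.arm_lifetime = arm_lifetime  # seconds the armed state lasts after strap-on
        self._armed_until = -1

    def strap_on(self, presented_profile, now) -> bool:
        # The single biometric verification of the day happens here.
        ok = profile_distance(presented_profile, self._template) <= self.MATCH_THRESHOLD
        self._armed_until = now + self.arm_lifetime if ok else -1
        return ok

    def respond(self, challenge: bytes, now):
        # Full challenge-response for high-security use: sign the verifier's fresh nonce.
        return sign(self._priv, b"challenge:" + challenge) if now < self._armed_until else None

    def precompute_tokens(self, now, count, validity):
        # Cache of pre-signed, time-limited authentication codes for fast, FRR-free use.
        tokens = []
        for i in range(count if now < self._armed_until else 0):
            expiry, serial = now + (i + 1) * validity, secrets.token_bytes(8)
            tokens.append((expiry, serial, sign(self._priv, token_body(expiry, serial))))
        return tokens

class Verifier:
    # Relying party (bank, door, terminal): holds only the watch's public key.

    def __init__(self, pub):
        self.pub = pub
        self._open_challenges = set()
        self._used_serials = set()

    def new_challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self._open_challenges.add(nonce)
        return nonce

    def check_response(self, challenge: bytes, sig) -> bool:
        # Each nonce is accepted once, so a captured signature cannot be replayed.
        if sig is None or challenge not in self._open_challenges:
            return False
        self._open_challenges.discard(challenge)
        return verify(self.pub, b"challenge:" + challenge, sig)

    def check_token(self, token, now) -> bool:
        # Cached codes carry no nonce, so the verifier enforces expiry and one-time serials.
        expiry, serial, sig = token
        if now >= expiry or serial in self._used_serials:
            return False
        if not verify(self.pub, token_body(expiry, serial), sig):
            return False
        self._used_serials.add(serial)
        return True

def demo():
    day = 24 * 3600
    watch = Biowatch([50, 62, 71, 66, 58, 49, 44, 52], arm_lifetime=day)  # constructed profile
    bank = Verifier(watch.pub)
    r = {"wrong_wrist": watch.strap_on([20, 25, 30, 28, 22, 19, 18, 21], now=0),
         "owner": watch.strap_on([51, 61, 72, 65, 59, 48, 45, 53], now=0)}
    nonce = bank.new_challenge()
    sig = watch.respond(nonce, now=100)
    r["challenge_ok"] = bank.check_response(nonce, sig)
    r["replay_rejected"] = bank.check_response(nonce, sig)
    tokens = watch.precompute_tokens(now=100, count=3, validity=600)
    r["token_ok"] = bank.check_token(tokens[0], now=200)
    r["token_replay_rejected"] = bank.check_token(tokens[0], now=201)
    r["token_expired"] = bank.check_token(tokens[1], now=5000)
    r["lapsed_watch_silent"] = watch.respond(bank.new_challenge(), now=2 * day) is None
    return r
```

The template and private key are attributes the device never returns; the verifier stores one public key and two small sets (open nonces, spent serials). The cached codes are the convenience path: they cost the verifier a serial list and an expiry check rather than a round trip, while the nonce path remains for high-security use.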

Security

Vulnerabilities are concentrated within generic biometric systems: theft of biometric templates or databases, even if encrypted, compromises all biometric templates contained within the system. Simpler, more secure, proven key management procedures are in place through public key cryptography systems. The Biowatch leverages these cryptographic strengths to provide a robust security solution.

a. If they steal your car (hoisted into a removal van), what have they got? Only your public key, which is published anyway.
b. If they ram-raid your home and remove your security system, what have they got? Again, only your public key.
c. If they steal your Biowatch, what have they got? A watch protected by a biometric, with an encrypted absorption profile of your wrist that will lapse on a time limit set by you.
   Phone the certification authority and get them to revoke your public keys. Get another Biowatch and get on with your life!

A World Biometric Solution

The Biowatch proposal provides a world solution: secure authentication of the individual, their transactions and authorship at any open, insecure Internet node or network terminal world-wide. The future does not lie in large-scale quasi-totalitarian biometric systems. Biometrics needs to meet customer and user requirements for security, privacy, convenience and acceptability. Personal biometric systems that people own and control themselves fit these requirements. The Biowatch is a very sensible way forward for biometrics. It enhances freedom, security and privacy for the individual, whilst reducing fraud, crime and insecurity for the community. Vein biometric products are being developed and applied in Europe, Asia, Africa and America. Watch-embedded smartcards are being used in Europe and Australia.

The Biowatch, a European innovation, needs N. American organisation, marketing and dynamism to make it a world success.